General

  • Target

    2024-05-23_c9be0a4b82f4d226b844317cb2fd3b5a_cryptolocker

  • Size

    47KB

  • Sample

    240523-bwktksgf4s

  • MD5

    c9be0a4b82f4d226b844317cb2fd3b5a

  • SHA1

    98aafdef80e69014b8eba7371df31816ab8e33c4

  • SHA256

    977bc2c736444acee073af769ae294c7f0c89beedc7faee7e1b34ba5dd1314dc

  • SHA512

    b7f3acc7893793e226c459fd0db73fbddc53dd19b3dfc18e20b99f398eb02e9e5cded869058d8db63a9aa4d80d68c3dc10ee692a20dae201bed16b331baa15c7

  • SSDEEP

    384:e/4wODQkzonAYsju5N/surDQtOOtEvwDpjqIGROqS/WccJVJwi2B5oCCM8CLW2Vw:79inqyNR/QtOOtEvwDpjBKccJVODvy3J

Score
10/10

Targets

    • Target

      2024-05-23_c9be0a4b82f4d226b844317cb2fd3b5a_cryptolocker

    • Score

      9/10

    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v13)

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 2